System, server device, and storage device
Abstract
According to one embodiment, a server device includes a memory and a processor. The memory stores verification information. The processor accepts a request to transmit a certificate number, generates information in which identification information of one of storage devices from which data is to be erased, a public key, a secret key, and the certificate number are associated with one another, transmits the certificate number, performs verification using an authenticator transmitted by the one storage device and verification information, generates, based on a result of the verification, an erasure certificate that includes the identification information and the certificate number and is signed using the secret key, and transmits the erasure certificate.
Claims
What is claimed is:
1. A system comprising:
storage devices; and
a server device,
the server device comprising:
a first memory storing first verification information; and
a first processor configured to:
accept a request to transmit a certificate number indicating a number for identifying an erasure certificate;
generate information in which identification information of one of the storage devices from which data is to be erased, a public key, a secret key, and the certificate number are associated with one another;
transmit the certificate number;
verify whether an erasure completion notification transmitted by the one storage device is appropriate by using an authenticator transmitted by the one storage device and the first verification information;
generate, in response to the erasure completion notification being appropriate, the erasure certificate that includes the erasure completion notification transmitted by the one storage device and is signed by using the secret key; and
transmit the erasure certificate, and
each of the storage devices comprising:
a second memory storing second verification information corresponding to the first verification information; and
a second processor configured to:
erase the data; and
transmit the erasure completion notification including the certificate number transmitted by the server device and the identification information, and the authenticator generated by using the second verification information.
2. The system according to claim 1, wherein the first processor is configured to generate the erasure certificate further including a time based on a time at which the request to transmit the certificate number is made.
3. The system according to claim 2, wherein the first processor is configured to generate the erasure certificate that further includes a time at which the erasure certificate is generated.
4. The system according to claim 1, wherein
when a request is made to put together two or more storage devices to be erased of the storage devices, the first processor is configured to:
generate information in which identification information of the two or more storage devices, a public key, a secret key, and an erasure certificate number are associated with one another; and
verify an authenticator transmitted from each of the two or more storage devices.
5. The system according to claim 1, wherein the first processor is configured to generate a public key and a secret key common in a predetermined unit.
6. The system according to claim 1, wherein the second processor is configured to transmit the erasure completion notification that further includes an erasure location.
7. The system according to claim 1, wherein the second processor is configured to erase the data when receiving a data erasure preparation command and further receiving a data erasure command.
8. A server device for verifying erasure completion of storage devices, the server device comprising:
a memory storing verification information; and
a processor configured to:
accept a request to transmit a certificate number indicating a number for identifying an erasure certificate;
generate information in which identification information of one of the storage devices from which data is to be erased, a public key, a secret key, and the certificate number are associated with one another;
transmit the certificate number;
verify whether an erasure completion notification transmitted by the one storage device is appropriate by using an authenticator transmitted by the one storage device and the verification information, the erasure completion notification including the certificate number and the identification information, and the authenticator being generated by using verification information for the one storage device;
generate, in response to the erasure completion notification being appropriate, the erasure certificate that includes the erasure completion notification and is signed by using the secret key; and
transmit the erasure certificate.
9. The server device according to claim 8, wherein the processor is configured to generate the erasure certificate further including a time based on a time at which the request to transmit the certificate number is made.
10. The server device according to claim 8, wherein
when a request is made to put together two or more storage devices to be erased of the storage devices, the processor is configured to:
generate information in which identification information of the two or more storage devices, a public key, a secret key, and an erasure certificate number are associated with one another; and
verify an authenticator transmitted from each of the two or more storage devices.
11. The server device according to claim 8, wherein the processor is configured to generate a public key and a secret key common in a predetermined unit.
12. The server device according to claim 8, wherein the processor is configured to generate the erasure certificate that further includes a time at which the erasure certificate is generated.
13. The server device according to claim 8, wherein the processor is configured to generate the erasure certificate that further includes an erasure location.
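The exchange of claims 1 and 8, sketched in Go as an added example that is not code from the patent: the server issues a certificate number, the storage device returns a notification with an authenticator, and the server signs only a notification it can verify. The notification together with the returned signature stands for the erasure certificate. Assumptions: the verification information is a per-device HMAC-SHA256 key, the signature scheme is Ed25519 with one server-wide key pair (as in claims 5 and 11), the notification is encoded as `deviceID|certNo`, and the names `Server`, `Issue`, `Notify` and `Certify` are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

type Server struct {
	priv    ed25519.PrivateKey // secret key that signs erasure certificates
	verif   map[string][]byte  // device ID -> verification information (assumed: HMAC key)
	pending map[string]string  // certificate number -> device ID it was issued for
}

// Issue accepts a request and binds a new certificate number to the device to be erased.
func (s *Server) Issue(deviceID string) string {
	certNo := fmt.Sprintf("CERT-%04d", len(s.pending)+1) // constructed number format
	s.pending[certNo] = deviceID
	return certNo
}

// Notify is the device side: after erasing, build the notification and its authenticator.
func Notify(key []byte, deviceID, certNo string) (string, []byte) {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(deviceID + "|" + certNo))
	return deviceID + "|" + certNo, mac.Sum(nil)
}

// Certify signs the notification only if it matches the issued number and the authenticator verifies.
func (s *Server) Certify(certNo, msg string, auth []byte) ([]byte, bool) {
	id, ok := s.pending[certNo]
	want, tag := Notify(s.verif[id], id, certNo)
	if !ok || len(s.verif[id]) == 0 || msg != want || !hmac.Equal(auth, tag) {
		return nil, false
	}
	return ed25519.Sign(s.priv, []byte(msg)), true
}

func main() {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	if err != nil {
		panic(err)
	}
	s := &Server{priv, map[string][]byte{"SN-001": []byte("constructed-key")}, map[string]string{}}
	no := s.Issue("SN-001")
	msg, auth := Notify(s.verif["SN-001"], "SN-001", no)
	cert, ok := s.Certify(no, msg, auth)
	fmt.Println(no, ok, ed25519.Verify(pub, []byte(msg), cert))
}
```

The server recomputes the expected notification from its own record instead of parsing the device's message, so a notification naming a different device or an unissued certificate number is rejected before anything is signed.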